Not a user yet?
Log in Register for free Suggest a product
The manufacturer Cisco has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

Fixed: Cisco FTD Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vuln

Firepower 1000 Series FirewallsFirepower 1000 Series Firewalls
Cisco
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

Cisco Secure Firewall Threat Defense Release Notes, Version 7.7.x

Features
For features in earlier releases, see Cisco Secure Firewall Management Center New Features by Release and Cisco Secure Firewall Device Manager New Features by Release.

Open Bugs in Version 7.7.0

  • CSCwn84258: Confusing Verdict for Snort Injects - Change From Block to "Replaced"/"Injected"
  • CSCwo27175: 1240: intermittent exhaustion of asymmetric buffers are observed with teravm tls traffic
  • CSCwo01338: 9.23/SecGW with flow-offload cluster-redirect enabled causes Out of Sequence TCP Packets for TCP 450
  • CSCwo32191: Deployment Fails due to Config Error response from LINA

Resolved Security Bugs in Version 7.7.0

  • CSCvk74112: Evaluation of WSA for FreeBSD CVE-2018-6922
  • CSCvm44463: update RabbitMQ - 3.6.x is EOL
  • CSCwb38658: SMA: Which appliances are effected Infinite loop in BN_mod_sqrt() (CVE-2022-0778)
  • CSCwb67583: ASDM Access Issue When SSL VPN And HTTP Server Is Configured On Same Port
  • CSCwc28334: Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
  • CSCwd50155: Evaluate FMC for CVE-2022-42252
  • CSCwd65251: WA-B/TPK: "core.sshd" files found on DUT
  • CSCwe42917: All Cisco EXR products impacted with sudo vulnerability CVE-2023-22809
  • CSCwe48399: The public API function BIO_new_NDEF is a helper function used for str
  • CSCwe86964: Consul and Consul Enterprise allowed an authenticated user with service:
  • CSCwe88928: Health Monitoring shows Unmanaged devices
  • CSCwf22483: SSH to Chassis allows a 3-way handshake for IPs that are not allowed by the config
  • CSCwf34069: Cisco ASA and FTD Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability
  • CSCwh10931: ASA/FTD traceback and reload when invoking "show webvpn saml idp" CLI command
  • CSCwh17395: Evaluation for CVE-2023-38408 on standalone NXOS N9K
  • CSCwh20307: FMC fails deployment after removing NAT or ACL rule
  • CSCwh39258: Occasionally External auth may not work after HA failover to Active
  • CSCwh41094: Cisco FTD TCP/IP Traffic Snort 2/3 Denial of Service Vulnerability
  • CSCwh52710: evaluate open-vm-tools / VMware Tools on FMC for VMware -- CVE-2023-20900 and VMSA-2023-0019
  • CSCwh88595: Evaluation of wsa for HTTP/2 Rapid Reset Attack vulnerability
  • CSCwh94197: MiniZip in zlib through 1.3 has an integer overflow and resultant heap
  • CSCwi05240: ASA - Traceback the standby device while HA sync ACL-DAP
  • CSCwi05435: [ENH] FMC to pull FTD device current SRU version rather than device records for SRU deployed.
  • CSCwi21625: FailSafe admin password is not properly sync'd with system context enable pw
  • CSCwi29934: Cisco FXOS Software Link Layer Discovery Protocol Denial of Service Vulnerability
  • CSCwi42291: Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability
  • CSCwi46163: Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.
  • CSCwi55527: [Snort3] - Ignore malformed packets received from lina with wrong dsize
  • CSCwi56499: Cut-Through Proxy feature spikes CP CPU with a flood of un-authenticated traffic
  • CSCwi60430: CVE-2023-51385 (Medium Sev) In ssh in OpenSSH before 9.6, OS command injection might occur if a us
  • CSCwi61058: Cisco Firepower Management Center Cross Site Scripting Vulnerability
  • CSCwi62683: The SSH transport protocol with certain OpenSSH extensions, found in ... (CVE-2023-48795)
  • CSCwi64429: MonetDB memory usage grows slowly over time
  • CSCwi65260: Modification of destination entries failed, when SOG and DOG contain same inner object-group
  • CSCwi78063: Cisco FTD Software and FMC Software Code Injection Vulnerability
  • CSCwi78370: 41xx/93xx : Update CiscoSSH (Chassis Manager FXOS) to address CVE-2023-48795
  • CSCwi78593: Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
  • CSCwi78596: Cisco Firepower Management Center SQL Injection Vulnerabilities
  • CSCwi81503: HTTP/HTTPS detection for application needs to fail it's detection earlier
  • CSCwi81958: Impact of CVE-2023-48795 On WSA 15.0.0-337
  • CSCwi90040: Cisco ASA and FTD Software Command Injection Vulnerability
  • CSCwi96521: Push clear configure access-group to avoid error while applying access group on FTD
  • CSCwi96562: Cisco ASA and FTD FXOS CLI Root Privilege Escalation Vulnerability
  • CSCwi98274: unzip 5.52 is from 2005 is contains multiple vulnerabilities
  • CSCwi98284: Cisco ASA and FTD Software Persistent Local Code Execution Vulnerability
  • CSCwj03056: FMC username enumeration from API response
  • CSCwj03348: vFMC25 OCI to vFMC300 OCI migration failed 'Migration from Y to a is not allowed.'
  • CSCwj06675: Cisco ASA and FTD Software Persistent Local Code Execution Vulnerability
  • CSCwj08083: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.1
  • CSCwj08667: ASA/FTD Traceback and Reload during ssl session establishment
  • CSCwj09110: Upload files through Clientless portal is not working as expected after the ASA upgrade
  • CSCwj10955: Cisco ASA and FTD Software Web Services Denial of Service Vulnerability
  • CSCwj11119: Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
  • CSCwj12173: Policy cache cleanup thread should cleanup any cache that is left open for a logged out session
  • CSCwj14147: ASDM fails to load access-group config if L2 and L3 acl's are mixed.
  • CSCwj14624: Backup exits with memory allocation error on 4115
  • CSCwj15792: Cisco ASA and FTD Software Dynamic Access Policies Denial of Service Vulnerability
  • CSCwj19125: Cisco ASA and FTD NSG Access Control List Bypass Vulnerability
  • CSCwj20804: Cisco ASA and FTD Software VPN Web Server Limited Information Disclosure Vulnerability
  • CSCwj33187: Internal cached access-group list maintenance issue with unexpected clear configure access-list
  • CSCwj45632: Deployment failures seen on FDM related to static routes or ACLs
  • CSCwj45822: Cisco ASA and FTD Software Remote Access VPN Brute Force Denial of Service Vulnerability
  • CSCwj48754: SFDataCorrelator high memory usage when restart with large network map hosts
  • CSCwj49745: Cisco ASA and FTD VPN Web Client Services Cross-Site Scripting Vulnerabilities
  • CSCwj58955: Can't make any changes on TPK 3110 chassis registered on FMC when chassis under domain
  • CSCwj59315: Smart license registration failing on FDM post 7.4.1 baseline due to http-proxy
  • CSCwj63974: Memory manager improvements for webvpn internal lua library
  • CSCwj68540: Cisco Secure Firewall Management Center Software Command Injection Vulnerability
  • CSCwj69533: Unable to change authentication methods on default tunnel group when using FDM
  • CSCwj72683: ASA - Bookmarks on the WebVPN portal are unreachable after successful login.
  • CSCwj77284: Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
  • CSCwj79229: FMC - plain-text passwords for External Authentication Profile "Radius Server Key"
  • CSCwj91570: Cisco ASA and FTD Software Remote Access VPN Brute Force Denial of Service Vulnerability
  • CSCwj92223: Cisco Adaptive Security Appliance and Firepower Threat Defense TLS Denial of Service Vulnerability
  • CSCwj99043: Cisco ASA & FTD Software IKEv2 Denial of Service Vulnerability
  • CSCwj99068: Cisco ASA and FTD Software IKEv2 VPN Denial of Service Vulnerability
  • CSCwk05564: Only US region in FDM Cloud Services.
  • CSCwk07982: Cisco FTD Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vuln
  • CSCwk08241: FTD is not resolving FQDN for ACLs intermittently
  • CSCwk12484: Update UI to prevent configuring cipher and/or version filters for Decrypt Resign/Known Key rule
  • CSCwk12738: Cisco Adaptive Security Virtual Appliance and Secure FTD Virtual SSL VPN DoS Vulnerability
  • CSCwk21540: Unable to establish RAVPN session on FTD HA setup
  • CSCwk25117: ENH: Add application support for blocking consecutive AAA failures on LINA
  • CSCwk37414: Cloud regions dropdown may not show any regions if FMC connectivity is down during upgrade
  • CSCwk48975: Packet-tracer output incorrectly appends 'control-plane' to drops for data-plane access-group
  • CSCwk53369: Cisco ASA and FTD Software Remote Access VPN Denial of Service Vulnerability
  • CSCwk62296: Address SSP OpenSSH regreSSHion vulnerability
  • CSCwk62297: Evaluation of ssp for OpenSSH regreSSHion vulnerability
  • CSCwk67859: FTD and FXOS: RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024
  • CSCwk67902: FTD: RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024
  • CSCwk69454: FDM: Blast-RADIUS CVE-2024-3596
  • CSCwk69742: FTD: Policy deployment failed due to mismatch of checksum.
  • CSCwk71817: FMC: Blast-RADIUS CVE-2024-3596
  • CSCwk71992: BlastRADIUS vulnerability phase-1 fix for pix-asa - Message Authenticator
  • CSCwk74813: Cisco Adaptive Security Appliance and Firepower Threat Defense TLS Denial of Service Vulnerability
  • CSCwk74997: With CVE-ID cannot search the IPS events on the FMC
  • CSCwk75035: Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vul
  • CSCwk75832: Snort3 reloads when AppID reload and snort restarts are happening simultaneously
  • CSCwk93503: around 400 tasks were created on primary FMC to install VDB updates on standby FMC
  • CSCwm05570: vFMC upgrade from 7.6.0-68 to 7.7.0-1358 failed @800_post/890_install_version_masked_apps.pl
  • CSCwm35624: Long boot time seen with one AC rule having object-group and other plain ACL's
  • CSCwm41195: Attempting to edit chassis of multinstance FTD gets "Request Timed Out. Retry after sometime."
  • CSCwm44719: FTD Snort3 traceback in daq_pkt_msg
  • CSCwm48671: Vulnerabilities in freebsd 13.0 CVE-2024-45287 - libnv
  • CSCwm49153: Cisco Adaptive Security Appliance Software SSH Server Resource DoS Vulnerability
  • CSCwm49410: Misconfigured Cross-Origin-Opener-Policy
  • CSCwm77247: FTD Restore Failing because of no space left on the device
  • CSCwm82231: Evaluation of multiple Azul Zulu vulnerabilities on openjre ASDM
  • CSCwn10158: cdFMC deployment removes ACL/crypto maps when deploying in bulk
  • CSCwn21134: FMC is not pushing no-validation-usage to the trustpoint if user not choosing validation usage type
  • CSCwn50488: Vulnerabilities in openssh 9.1p1 CVE-2023-28531
  • CSCwn55478: cdFMC Possible NAT negation during deployment if object being reused in NAT Policy on device & ACL
  • CSCwn69963: Addressing CVEs reported in unicorn zlib library
  • CSCwo44732: ARP is silently dropping packet for unreachable next-hops
  • CSCwo57216: cdFMC deployment randomly removes ACL/crypto maps when deploying in bulk

Resolved Functional Bugs in Version 7.7.0
Additional Resolved Functional Bugs in Version 7.7.0-91 (Management Center Only)

  • CSCwo44709:cdFMC multiple protected networks with NAT exempt enabled, NAT exempt CLIs are not getting generated
Version: Firewall Threat Defense 7.7.0 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Cisco Firepower 1000 Series Firewalls updates

More from the IT Infrastructure section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad